Can somebody help me with multi line parsing of an eWAS (embedded Websphere Application Server) application log messages which looks something like below. And the log has single line events as well when its not java stack traces. how to handle both in logstash? Thanks.
[4/5/17 21:45:48:034 EDT] 000000bc exception E com.ibm.ws.wim.adapter.ldap.LdapConnection search(String, String, Object[], SearchControls)
com.ibm.websphere.wim.exception.WIMSystemException: CWWIM4520E The 'javax.naming.NamingException: LDAP response read timed out, timeout used:20000ms.; remaining name 'OU=TPC,DC=vicomdemo,DC=local'; resolved object com.sun.jndi.ldap.LdapCtx@19b18ec6' naming exception occurred during processing.
at com.ibm.ws.wim.adapter.ldap.LdapConnection.search(LdapConnection.java:2953)
at com.ibm.ws.wim.adapter.ldap.LdapConnection.checkSearchCache(LdapConnection.java:2783)
at com.ibm.ws.wim.adapter.ldap.LdapConnection.search(LdapConnection.java:2973)
at com.ibm.ws.wim.adapter.ldap.LdapConnection.searchEntities(LdapConnection.java:3194)
at com.ibm.ws.wim.adapter.ldap.LdapAdapter.search(LdapAdapter.java:3314)
at com.ibm.ws.wim.ProfileManager.searchRepository(ProfileManager.java:5279)
at com.ibm.ws.wim.ProfileManager.searchImpl(ProfileManager.java:1210)
at com.ibm.ws.wim.ProfileManager.genericProfileManagerMethod(ProfileManager.java:355)
at com.ibm.ws.wim.ProfileManager.search(ProfileManager.java:447)
at com.ibm.websphere.wim.ServiceProvider.search(ServiceProvider.java:471)
at com.ibm.websphere.wim.client.LocalServiceProvider.search(LocalServiceProvider.java:393)
at com.ibm.tivoli.ncw.dci.security.dash.VMMGroups$1.run(VMMGroups.java:119)
at com.ibm.ws.security.auth.ContextManagerImpl.runAs(ContextManagerImpl.java:5453)
at com.ibm.ws.security.auth.ContextManagerImpl.runAsSystem(ContextManagerImpl.java:5579)
at com.ibm.tivoli.ncw.dci.security.dash.VMMGroups.groupExists(VMMGroups.java:104)
at com.ibm.tivoli.ncw.dci.security.dash.FacadeVMMDelegator.groupExists(FacadeVMMDelegator.java:144)
at com.ibm.tivoli.ncw.dci.security.dash.DCISecurityFacadeImpl.getGroupPrincipalName(DCISecurityFacadeImpl.java:645)
at com.ibm.tivoli.ncw.dci.security.dash.DCISecurityFacadeImpl.getGroupsInRoleAsCollection(DCISecurityFacadeImpl.java:282)
at com.ibm.tivoli.ncw.dci.security.dash.DCISecurityFacadeImpl.getDCIUsersInRole(DCISecurityFacadeImpl.java:592)
at com.micromuse.ncw.acl.NCWUserManager.getDCIUsersInRole(NCWUserManager.java:236)
at com.ibm.tivoli.ncw.security.vmm.NCOSSyncWorker.syncVMMCredentials(NCOSSyncWorker.java:326)
at com.ibm.tivoli.ncw.security.vmm.NCOSSyncWorker.run(NCOSSyncWorker.java:193)